dependabot-nuget 0.278.0 → 0.280.0

Files changed (45)
  1. checksums.yaml +4 -4
  2. data/helpers/build +1 -1
  3. data/helpers/lib/NuGetUpdater/.editorconfig +1 -0
  4. data/helpers/lib/NuGetUpdater/Directory.Build.props +1 -0
  5. data/helpers/lib/NuGetUpdater/Directory.Common.props +1 -1
  6. data/helpers/lib/NuGetUpdater/Directory.Packages.props +6 -1
  7. data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Analyze.cs +7 -0
  8. data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Discover.cs +6 -0
  9. data/helpers/lib/NuGetUpdater/NuGetUpdater.Cli.Test/EntryPointTests.Update.cs +2 -3
  10. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/AnalyzeWorker.cs +95 -84
  11. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Analyze/Requirement.cs +2 -2
  12. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Discover/DiscoveryWorker.cs +53 -46
  13. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/ErrorType.cs +1 -0
  14. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/NativeResult.cs +1 -1
  15. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyFileNotFound.cs +6 -0
  16. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobErrorBase.cs +11 -0
  17. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PrivateSourceAuthenticationFailure.cs +6 -0
  18. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UnknownError.cs +6 -0
  19. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdateNotPossible.cs +6 -0
  20. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/HttpApiHandler.cs +5 -0
  21. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/IApiHandler.cs +1 -0
  22. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunWorker.cs +67 -15
  23. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/UpdateNotPossibleException.cs +11 -0
  24. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/LockFileUpdater.cs +1 -1
  25. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/PackagesConfigUpdater.cs +2 -0
  26. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/SdkPackageUpdater.cs +2 -2
  27. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/UpdaterWorker.cs +58 -39
  28. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/MSBuildHelper.cs +16 -5
  29. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/NuGetHelper.cs +1 -1
  30. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core/Utilities/ProcessExtensions.cs +2 -4
  31. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Analyze/AnalyzeWorkerTestBase.cs +5 -9
  32. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Analyze/RequirementTests.cs +4 -1
  33. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Discover/DiscoveryWorkerTestBase.cs +5 -8
  34. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/MockNuGetPackage.cs +10 -1
  35. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/RunWorkerTests.cs +92 -0
  36. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Run/TestApiHandler.cs +10 -4
  37. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTestBase.cs +10 -15
  38. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.PackagesConfig.cs +79 -1
  39. data/helpers/lib/NuGetUpdater/NuGetUpdater.Core.Test/Update/UpdateWorkerTests.Sdk.cs +10 -1
  40. data/helpers/lib/NuGetUpdater/global.json +1 -1
  41. data/lib/dependabot/nuget/file_updater.rb +5 -1
  42. data/lib/dependabot/nuget/native_helpers.rb +9 -4
  43. data/lib/dependabot/nuget/requirement.rb +2 -0
  44. data/lib/dependabot/nuget/update_checker/repository_finder.rb +26 -2
  45. metadata +16 -10
@@ -9,27 +9,33 @@ internal class TestApiHandler : IApiHandler
9
9
 
10
10
  public IEnumerable<(Type Type, object Object)> ReceivedMessages => _receivedMessages;
11
11
 
12
+ public Task RecordUpdateJobError(JobErrorBase error)
13
+ {
14
+ _receivedMessages.Add((error.GetType(), error));
15
+ return Task.CompletedTask;
16
+ }
17
+
12
18
  public Task UpdateDependencyList(UpdatedDependencyList updatedDependencyList)
13
19
  {
14
- _receivedMessages.Add((typeof(UpdatedDependencyList), updatedDependencyList));
20
+ _receivedMessages.Add((updatedDependencyList.GetType(), updatedDependencyList));
15
21
  return Task.CompletedTask;
16
22
  }
17
23
 
18
24
  public Task IncrementMetric(IncrementMetric incrementMetric)
19
25
  {
20
- _receivedMessages.Add((typeof(IncrementMetric), incrementMetric));
26
+ _receivedMessages.Add((incrementMetric.GetType(), incrementMetric));
21
27
  return Task.CompletedTask;
22
28
  }
23
29
 
24
30
  public Task CreatePullRequest(CreatePullRequest createPullRequest)
25
31
  {
26
- _receivedMessages.Add((typeof(CreatePullRequest), createPullRequest));
32
+ _receivedMessages.Add((createPullRequest.GetType(), createPullRequest));
27
33
  return Task.CompletedTask;
28
34
  }
29
35
 
30
36
  public Task MarkAsProcessed(MarkAsProcessed markAsProcessed)
31
37
  {
32
- _receivedMessages.Add((typeof(MarkAsProcessed), markAsProcessed));
38
+ _receivedMessages.Add((markAsProcessed.GetType(), markAsProcessed));
33
39
  return Task.CompletedTask;
34
40
  }
35
41
  }
@@ -1,5 +1,3 @@
1
- using System.Text.Json;
2
-
3
1
  using NuGetUpdater.Core.Updater;
4
2
 
5
3
  using Xunit;
@@ -137,10 +135,7 @@ public abstract class UpdateWorkerTestBase : TestBase
137
135
  // run update
138
136
  var worker = new UpdaterWorker(new Logger(verbose: true));
139
137
  var projectPath = placeFilesInSrc ? $"src/{projectFilePath}" : projectFilePath;
140
- var updateResultFile = Path.Combine(temporaryDirectory, "update-result.json");
141
- await worker.RunAsync(temporaryDirectory, projectPath, dependencyName, oldVersion, newVersion, isTransitive, updateResultFile);
142
- var actualResultContents = await File.ReadAllTextAsync(updateResultFile);
143
- var actualResult = JsonSerializer.Deserialize<UpdateOperationResult>(actualResultContents, UpdaterWorker.SerializerOptions);
138
+ var actualResult = await worker.RunWithErrorHandlingAsync(temporaryDirectory, projectPath, dependencyName, oldVersion, newVersion, isTransitive);
144
139
  if (expectedResult is { })
145
140
  {
146
141
  ValidateUpdateOperationResult(expectedResult, actualResult!);
@@ -159,7 +154,7 @@ public abstract class UpdateWorkerTestBase : TestBase
159
154
  protected static void ValidateUpdateOperationResult(UpdateOperationResult expectedResult, UpdateOperationResult actualResult)
160
155
  {
161
156
  Assert.Equal(expectedResult.ErrorType, actualResult.ErrorType);
162
- Assert.Equal(expectedResult.ErrorDetails, actualResult.ErrorDetails);
157
+ Assert.Equivalent(expectedResult.ErrorDetails, actualResult.ErrorDetails);
163
158
  }
164
159
 
165
160
  protected static Task TestNoChangeforSolution(
@@ -257,14 +252,6 @@ public abstract class UpdateWorkerTestBase : TestBase
257
252
  package.WriteToDirectory(localFeedPath);
258
253
  }
259
254
 
260
- // override various nuget locations
261
- foreach (var envName in new[] { "NUGET_PACKAGES", "NUGET_HTTP_CACHE_PATH", "NUGET_SCRATCH", "NUGET_PLUGINS_CACHE_PATH" })
262
- {
263
- string dir = Path.Join(temporaryDirectory, envName);
264
- Directory.CreateDirectory(dir);
265
- Environment.SetEnvironmentVariable(envName, dir);
266
- }
267
-
268
255
  // ensure only the test feed is used
269
256
  string relativeLocalFeedPath = Path.GetRelativePath(temporaryDirectory, localFeedPath);
270
257
  await File.WriteAllTextAsync(Path.Join(temporaryDirectory, "NuGet.Config"), $"""
@@ -278,6 +265,14 @@ public abstract class UpdateWorkerTestBase : TestBase
278
265
  """
279
266
  );
280
267
  }
268
+
269
+ // override various nuget locations
270
+ foreach (var envName in new[] { "NUGET_PACKAGES", "NUGET_HTTP_CACHE_PATH", "NUGET_SCRATCH", "NUGET_PLUGINS_CACHE_PATH" })
271
+ {
272
+ string dir = Path.Join(temporaryDirectory, envName);
273
+ Directory.CreateDirectory(dir);
274
+ Environment.SetEnvironmentVariable(envName, dir);
275
+ }
281
276
  }
282
277
 
283
278
  protected static async Task<TestFile[]> RunUpdate(TestFile[] files, Func<string, Task> action)
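Review bot: The relocated `Environment.SetEnvironmentVariable` loop (new lines 269-275) changes process-wide state, so every test in the same process sees `NUGET_PACKAGES`, `NUGET_HTTP_CACHE_PATH`, `NUGET_SCRATCH` and `NUGET_PLUGINS_CACHE_PATH` pointing at whichever temporary directory was set last. The hunk appears to move the loop out of an inner block so that it runs on every call, which makes that overlap more likely if test classes run in parallel, and nothing visible restores the variables once the directory is gone. I would at least state the assumption above the loop, e.g. `// process-wide: assumes callers of this helper do not run concurrently`, or hand the paths to the child process environment rather than the test host's. The enclosing method starts outside the hunk.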
@@ -2106,7 +2106,7 @@ public partial class UpdateWorkerTests
2106
2106
  var resultContents = await File.ReadAllTextAsync(resultOutputPath);
2107
2107
  var result = JsonSerializer.Deserialize<UpdateOperationResult>(resultContents, UpdaterWorker.SerializerOptions)!;
2108
2108
  Assert.Equal(ErrorType.MissingFile, result.ErrorType);
2109
- Assert.Equal(Path.Combine(temporaryDirectory.DirectoryPath, "this.file.does.not.exist.targets"), result.ErrorDetails);
2109
+ Assert.Equal(Path.Combine(temporaryDirectory.DirectoryPath, "this.file.does.not.exist.targets"), result.ErrorDetails.ToString());
2110
2110
  }
2111
2111
 
2112
2112
  [Fact]
@@ -2190,6 +2190,84 @@ public partial class UpdateWorkerTests
2190
2190
  );
2191
2191
  }
2192
2192
 
2193
+ [Fact]
2194
+ public async Task MissingDependencyErrorIsReported()
2195
+ {
2196
+ // trying to update Some.Package from 1.0.1 to 1.0.2, but another package isn't available; update fails
2197
+ await TestUpdateForProject("Some.Package", "1.0.1", "1.0.2",
2198
+ packages:
2199
+ [
2200
+ MockNuGetPackage.CreateSimplePackage("Some.Package", "1.0.1", "net45"),
2201
+ MockNuGetPackage.CreateSimplePackage("Some.Package", "1.0.2", "net45"),
2202
+
2203
+ // the package `Unrelated.Package/1.0.0` is missing and will cause the update to fail
2204
+ ],
2205
+ // existing
2206
+ projectContents: """
2207
+ <Project ToolsVersion="15.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
2208
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
2209
+ <PropertyGroup>
2210
+ <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
2211
+ </PropertyGroup>
2212
+ <ItemGroup>
2213
+ <None Include="packages.config" />
2214
+ </ItemGroup>
2215
+ <ItemGroup>
2216
+ <Reference Include="Some.Package, Version=1.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed">
2217
+ <HintPath>packages\Some.Package.1.0.1\lib\net45\Some.Package.dll</HintPath>
2218
+ <Private>True</Private>
2219
+ </Reference>
2220
+ <Reference Include="Unrelated.Package, Version=1.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed">
2221
+ <HintPath>packages\Unrelated.Package.1.0.0\lib\net45\Unrelated.Package.dll</HintPath>
2222
+ <Private>True</Private>
2223
+ </Reference>
2224
+ </ItemGroup>
2225
+ <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
2226
+ </Project>
2227
+ """,
2228
+ packagesConfigContents: """
2229
+ <packages>
2230
+ <package id="Some.Package" version="1.0.1" targetFramework="net45" />
2231
+ <package id="Unrelated.Package" version="1.0.0" targetFramework="net45" />
2232
+ </packages>
2233
+ """,
2234
+ // expected
2235
+ expectedProjectContents: """
2236
+ <Project ToolsVersion="15.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
2237
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
2238
+ <PropertyGroup>
2239
+ <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
2240
+ </PropertyGroup>
2241
+ <ItemGroup>
2242
+ <None Include="packages.config" />
2243
+ </ItemGroup>
2244
+ <ItemGroup>
2245
+ <Reference Include="Some.Package, Version=1.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed">
2246
+ <HintPath>packages\Some.Package.1.0.1\lib\net45\Some.Package.dll</HintPath>
2247
+ <Private>True</Private>
2248
+ </Reference>
2249
+ <Reference Include="Unrelated.Package, Version=1.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed">
2250
+ <HintPath>packages\Unrelated.Package.1.0.0\lib\net45\Unrelated.Package.dll</HintPath>
2251
+ <Private>True</Private>
2252
+ </Reference>
2253
+ </ItemGroup>
2254
+ <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
2255
+ </Project>
2256
+ """,
2257
+ expectedPackagesConfigContents: """
2258
+ <packages>
2259
+ <package id="Some.Package" version="1.0.1" targetFramework="net45" />
2260
+ <package id="Unrelated.Package" version="1.0.0" targetFramework="net45" />
2261
+ </packages>
2262
+ """,
2263
+ expectedResult: new()
2264
+ {
2265
+ ErrorType = ErrorType.UpdateNotPossible,
2266
+ ErrorDetails = new[] { "Unrelated.Package.1.0.0" },
2267
+ }
2268
+ );
2269
+ }
2270
+
2193
2271
  protected static Task TestUpdateForProject(
2194
2272
  string dependencyName,
2195
2273
  string oldVersion,
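Review bot: At new line 2109, `result.ErrorDetails.ToString()` assumes the deserialized `ErrorDetails` is non-null, while the rest of this change treats it as a loosely typed value (a string here, a string array in `MissingDependencyErrorIsReported`). If the value were missing, the test would fail with a NullReferenceException rather than an assertion message. Passing `result.ErrorDetails?.ToString()` as the second argument keeps the failure readable. The test method containing this line starts outside the hunk.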
@@ -16,6 +16,7 @@ public partial class UpdateWorkerTests
16
16
  [InlineData("net472")]
17
17
  [InlineData("net7.0")]
18
18
  [InlineData("net8.0")]
19
+ [InlineData("net9.0")]
19
20
  public async Task UpdateVersionAttribute_InProjectFile_ForPackageReferenceInclude(string tfm)
20
21
  {
21
22
  // update Some.Package from 9.0.1 to 13.0.1
@@ -186,6 +187,7 @@ public partial class UpdateWorkerTests
186
187
  projectContents: $"""
187
188
  <Project Sdk="Microsoft.NET.Sdk">
188
189
  <PropertyGroup>
190
+ <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
189
191
  <TargetFramework>net8.0</TargetFramework>
190
192
  </PropertyGroup>
191
193
  <ItemGroup>
@@ -199,6 +201,7 @@ public partial class UpdateWorkerTests
199
201
  (Path: "src/Project/Project.csproj", Content: """
200
202
  <Project Sdk="Microsoft.NET.Sdk">
201
203
  <PropertyGroup>
204
+ <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
202
205
  <TargetFramework>net8.0</TargetFramework>
203
206
  </PropertyGroup>
204
207
  <ItemGroup>
@@ -211,6 +214,7 @@ public partial class UpdateWorkerTests
211
214
  expectedProjectContents: $"""
212
215
  <Project Sdk="Microsoft.NET.Sdk">
213
216
  <PropertyGroup>
217
+ <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
214
218
  <TargetFramework>net8.0</TargetFramework>
215
219
  </PropertyGroup>
216
220
  <ItemGroup>
@@ -224,6 +228,7 @@ public partial class UpdateWorkerTests
224
228
  (Path: "src/Project/Project.csproj", Content: """
225
229
  <Project Sdk="Microsoft.NET.Sdk">
226
230
  <PropertyGroup>
231
+ <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
227
232
  <TargetFramework>net8.0</TargetFramework>
228
233
  </PropertyGroup>
229
234
  <ItemGroup>
@@ -244,7 +249,7 @@ public partial class UpdateWorkerTests
244
249
  MockNuGetPackage.CreateSimplePackage("Some.Package", "9.0.1", "net8.0"),
245
250
  MockNuGetPackage.CreateSimplePackage("Some.Package", "13.0.1", "net8.0"),
246
251
  // necessary for the `net8.0-windows10.0.19041.0` TFM
247
- new("Microsoft.Windows.SDK.NET.Ref", "10.0.19041.31", Files:
252
+ new("Microsoft.Windows.SDK.NET.Ref", "10.0.19041.34", Files:
248
253
  [
249
254
  ("data/FrameworkList.xml", Encoding.UTF8.GetBytes("""
250
255
  <FileList Name="Windows SDK .NET 6.0">
@@ -548,6 +553,7 @@ public partial class UpdateWorkerTests
548
553
  <Project Sdk="Microsoft.NET.Sdk">
549
554
 
550
555
  <PropertyGroup>
556
+ <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
551
557
  <TargetFramework>net8.0</TargetFramework>
552
558
  </PropertyGroup>
553
559
 
@@ -562,6 +568,7 @@ public partial class UpdateWorkerTests
562
568
  <Project Sdk="Microsoft.NET.Sdk">
563
569
 
564
570
  <PropertyGroup>
571
+ <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
565
572
  <TargetFramework>net8.0</TargetFramework>
566
573
  </PropertyGroup>
567
574
 
@@ -588,6 +595,7 @@ public partial class UpdateWorkerTests
588
595
  projectContents: """
589
596
  <Project Sdk="Microsoft.NET.Sdk">
590
597
  <PropertyGroup>
598
+ <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
591
599
  <TargetFramework>net8.0</TargetFramework>
592
600
  </PropertyGroup>
593
601
  <ItemGroup>
@@ -608,6 +616,7 @@ public partial class UpdateWorkerTests
608
616
  expectedProjectContents: """
609
617
  <Project Sdk="Microsoft.NET.Sdk">
610
618
  <PropertyGroup>
619
+ <ManagePackageVersionsCentrally>false</ManagePackageVersionsCentrally>
611
620
  <TargetFramework>net8.0</TargetFramework>
612
621
  </PropertyGroup>
613
622
  <ItemGroup>
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "sdk": {
3
- "version": "8.0.300",
3
+ "version": "9.0.100-rc.1.24452.12",
4
4
  "rollForward": "latestMinor"
5
5
  }
6
6
  }
@@ -51,7 +51,7 @@ module Dependabot
51
51
  sig { override.returns(T::Array[Dependabot::DependencyFile]) }
52
52
  def updated_dependency_files
53
53
  base_dir = "/"
54
- SharedHelpers.in_a_temporary_repo_directory(base_dir, repo_contents_path) do
54
+ all_updated_files = SharedHelpers.in_a_temporary_repo_directory(base_dir, repo_contents_path) do
55
55
  dependencies.each do |dependency|
56
56
  try_update_projects(dependency) || try_update_json(dependency)
57
57
  end
@@ -70,6 +70,10 @@ module Dependabot
70
70
  end
71
71
  updated_files
72
72
  end
73
+
74
+ raise UpdateNotPossible, dependencies.map(&:name) if all_updated_files.empty?
75
+
76
+ all_updated_files
73
77
  end
74
78
 
75
79
  private
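Review bot: The new guard `raise UpdateNotPossible, dependencies.map(&:name) if all_updated_files.empty?` fires only when no file changed for any dependency, yet it names every dependency in the error. When `dependencies` holds several entries and only some of them produce a change, the method returns normally and the ones that were skipped are not reported; the lines between the loop and `updated_files` are not visible, so this is inferred from the guard alone. A comment above the `raise` would make the contract explicit, e.g. `# raised only when nothing changed at all; a partial update is returned as-is`.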
@@ -242,8 +242,11 @@ module Dependabot
242
242
  puts "running NuGet updater:\n" + command
243
243
 
244
244
  NuGetConfigCredentialHelpers.patch_nuget_config_for_action(credentials) do
245
+ # default to UseNewNugetPackageResolved _unless_ nuget_legacy_dependency_solver is enabled
245
246
  env = {}
246
- env["UseNewNugetPackageResolver"] = "true" if Dependabot::Experiments.enabled?(:nuget_dependency_solver)
247
+ unless Dependabot::Experiments.enabled?(:nuget_legacy_dependency_solver)
248
+ env["UseNewNugetPackageResolver"] = "true"
249
+ end
247
250
  output = SharedHelpers.run_shell_command(command,
248
251
  allow_unsafe_shell_command: true,
249
252
  fingerprint: fingerprint,
@@ -260,14 +263,16 @@ module Dependabot
260
263
  sig { params(json: T::Hash[String, T.untyped]).void }
261
264
  def self.ensure_no_errors(json)
262
265
  error_type = T.let(json.fetch("ErrorType", nil), T.nilable(String))
263
- error_details = T.let(json.fetch("ErrorDetails", nil), T.nilable(String))
266
+ error_details = json.fetch("ErrorDetails", nil)
264
267
  case error_type
265
268
  when "None", nil
266
269
  # no issue
267
270
  when "AuthenticationFailure"
268
- raise PrivateSourceAuthenticationFailure, error_details
271
+ raise PrivateSourceAuthenticationFailure, T.let(error_details, T.nilable(String))
269
272
  when "MissingFile"
270
- raise DependencyFileNotFound, error_details
273
+ raise DependencyFileNotFound, T.let(error_details, T.nilable(String))
274
+ when "UpdateNotPossible"
275
+ raise UpdateNotPossible, T.let(error_details, T::Array[String])
271
276
  else
272
277
  raise "Unexpected error type from native tool: #{error_type}: #{error_details}"
273
278
  end
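Review bot: In `ensure_no_errors`, `T.let(error_details, T::Array[String])` is the only check on the shape of `ErrorDetails`, which comes from the native tool's JSON. If the tool sends a string or null alongside `UpdateNotPossible`, the result is a Sorbet type error (or, with runtime checks disabled, a wrongly typed value carried into the exception) rather than a Dependabot error. Normalising first keeps the mapping total: `raise UpdateNotPossible, Array(error_details).map(&:to_s)`; the two `T.nilable(String)` branches have the same gap. Separately, the comment added in the first hunk says `UseNewNugetPackageResolved` while the variable actually set is `UseNewNugetPackageResolver`. The method's closing `end` is outside the hunk.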
@@ -42,6 +42,8 @@ module Dependabot
42
42
  convert_dotnet_constraint_to_ruby_constraint(req_string)
43
43
  end
44
44
 
45
+ requirements = requirements.compact.reject(&:empty?)
46
+
45
47
  super(requirements)
46
48
  end
47
49
 
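Review bot: `requirements.compact.reject(&:empty?)` silently discards constraints that converted to nil or an empty string, and when every entry is dropped `super` receives an empty list. If the parent class behaves like `Gem::Requirement`, an empty list means "any version", which is a permissive outcome for input that could not be understood. A comment should say this is intended, e.g. `# nil/empty constraints carry no restriction; an empty list defers to the parent's default`, and a test for the all-empty case would pin it. The enclosing method begins outside the hunk.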
@@ -13,6 +13,7 @@ require "dependabot/nuget/http_response_helpers"
13
13
 
14
14
  module Dependabot
15
15
  module Nuget
16
+ # rubocop:disable Metrics/ClassLength
16
17
  class RepositoryFinder
17
18
  extend T::Sig
18
19
 
@@ -48,7 +49,15 @@ module Dependabot
48
49
  @known_repositories << { url: DEFAULT_REPOSITORY_URL, token: nil } if @known_repositories.empty?
49
50
 
50
51
  @known_repositories = @known_repositories.map do |repo|
51
- { url: URI::DEFAULT_PARSER.escape(repo[:url]), token: repo[:token] }
52
+ url = repo[:url]
53
+ begin
54
+ url = URI::DEFAULT_PARSER.parse(url).to_s
55
+ rescue URI::InvalidURIError
56
+ # e.g., the url has spaces or unacceptable symbols
57
+ url = URI::DEFAULT_PARSER.escape(url)
58
+ end
59
+
60
+ { url: url, token: repo[:token] }
52
61
  end
53
62
  @known_repositories.uniq
54
63
  end
@@ -68,6 +77,20 @@ module Dependabot
68
77
  }
69
78
  end
70
79
 
80
+ sig { params(source_name: String).returns(String) }
81
+ def self.escape_source_name_to_element_name(source_name)
82
+ source_name.chars.map do |c|
83
+ case c
84
+ when /[A-Za-z0-9\-_.]/
85
+ # letters, digits, hyphens, underscores, and periods are all directly allowed
86
+ c
87
+ else
88
+ # otherwise it needs to be escaped as a 4 digit hex value
89
+ "_x#{c.ord.to_s(16).rjust(4, '0')}_"
90
+ end
91
+ end.join
92
+ end
93
+
71
94
  private
72
95
 
73
96
  sig { returns(Dependabot::Dependency) }
@@ -376,7 +399,7 @@ module Dependabot
376
399
  next source_details[:token] = nil unless key
377
400
  next source_details[:token] = nil if key.match?(/^\d/)
378
401
 
379
- tag = key.gsub(" ", "_x0020_")
402
+ tag = RepositoryFinder.escape_source_name_to_element_name(key)
380
403
  creds_nodes = doc.css("configuration > packageSourceCredentials " \
381
404
  "> #{tag} > add")
382
405
 
@@ -438,5 +461,6 @@ module Dependabot
438
461
  end
439
462
  end
440
463
  end
464
+ # rubocop:enable Metrics/ClassLength
441
465
  end
442
466
  end
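Review bot: `escape_source_name_to_element_name` passes `.` through unchanged, but the only caller shown interpolates the result into a CSS selector (`"> #{tag} > add"`), where a name such as `nuget.org` reads as element `nuget` with class `org`. If `doc.css` follows standard selector syntax, the credentials node for a source whose name contains a period would not match. Comparing node names avoids building a selector from config-file text at all, e.g. `doc.css("configuration > packageSourceCredentials > *").find { |n| n.name == tag }` and then reading its `add` children. The helper also emits more than four hex digits for characters above U+FFFF, although its comment describes a 4 digit value; that deserves a line in the comment or a test. The block that uses `tag` starts and ends outside the hunk.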
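--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: dependabot-nuget
  version: !ruby/object:Gem::Version
- version: 0.278.0
+ version: 0.280.0
  platform: ruby
  authors:
  - Dependabot
- autorequire:
+ autorequire:
  bindir: bin
  cert_chain: []
- date: 2024-09-26 00:00:00.000000000 Z
+ date: 2024-10-10 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 0.278.0
+ version: 0.280.0
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 0.278.0
+ version: 0.280.0
  - !ruby/object:Gem::Dependency
  name: rubyzip
  requirement: !ruby/object:Gem::Requirement
@@ -176,14 +176,14 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.8.1
+ version: 0.8.5
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.8.1
+ version: 0.8.5
  - !ruby/object:Gem::Dependency
  name: simplecov
  requirement: !ruby/object:Gem::Requirement
@@ -398,19 +398,25 @@ files:
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/AllowedUpdate.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/CreatePullRequest.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyFile.cs
+ - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/DependencyFileNotFound.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/IncrementMetric.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/Job.cs
+ - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobErrorBase.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobFile.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/JobSource.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/MarkAsProcessed.cs
+ - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/PrivateSourceAuthenticationFailure.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/ReportedDependency.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/ReportedRequirement.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/RequirementSource.cs
+ - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UnknownError.cs
+ - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdateNotPossible.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/ApiModel/UpdatedDependencyList.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/HttpApiHandler.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/IApiHandler.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunResult.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Run/RunWorker.cs
+ - helpers/lib/NuGetUpdater/NuGetUpdater.Core/UpdateNotPossibleException.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/BindingRedirectManager.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/BindingRedirectResolver.cs
  - helpers/lib/NuGetUpdater/NuGetUpdater.Core/Updater/ConfigurationFile.cs
@@ -487,8 +493,8 @@ licenses:
  - MIT
  metadata:
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.278.0
- post_install_message:
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.280.0
+ post_install_message:
  rdoc_options: []
  require_paths:
  - lib
@@ -504,7 +510,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: 3.1.0
  requirements: []
  rubygems_version: 3.5.9
- signing_key:
+ signing_key:
  specification_version: 4
  summary: Provides Dependabot support for .NET (NuGet)
  test_files: []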